74ead6ed2fb6fc1e4dec8316f84c526fd93132ccdab3ac28d4007cabf0e57e28

Sharing

Copy URL Twitter E-mail

General

Target

74ead6ed2fb6fc1e4dec8316f84c526fd93132ccdab3ac28d4007cabf0e57e28
Size

394KB
MD5

555b9040f8694ec226b258e888c6b572
SHA1

3af73e7a53590051603d21690255fc83e9d16ab2
SHA256

74ead6ed2fb6fc1e4dec8316f84c526fd93132ccdab3ac28d4007cabf0e57e28
SHA512

d9963dad1c6fce5ddc4787d1c67a68f65a9f3256f2d410e3cd366b8362286b491acde046a11df67be973c8f78f9047fe88ac0905ae05a9ed663dc89884919314
SSDEEP

6144:j9A6TyE3ktD2OILj6c1EpQ+mpGS4nbGdLnVsT6t:QyLbmpQ+AGSqb+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74ead6ed2fb6fc1e4dec8316f84c526fd93132ccdab3ac28d4007cabf0e57e28

Files

74ead6ed2fb6fc1e4dec8316f84c526fd93132ccdab3ac28d4007cabf0e57e28
.exe windows:1 windows x86

d057661fa0c57da4e10eca58cdf1dc72

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
lstrcpynA
SetFileTime
GetFileTime
GetCurrentDirectoryA
FindFirstFileA
GetDiskFreeSpaceA
GetShortPathNameA
SetCurrentDirectoryA
HeapDestroy
HeapAlloc
GetSystemDirectoryA
GetVersionExA
GlobalUnlock
HeapCreate
GlobalLock
GetComputerNameA
GetLocalTime
LoadLibraryA
lstrcmpA
GetTickCount
GetProcAddress
FreeLibrary
SetErrorMode
GetDriveTypeA
GetLocaleInfoA
GlobalHandle
GetVolumeInformationA
lstrcatA
IsDBCSLeadByte
LoadResource
FindResourceA
CompareStringA
VirtualAlloc
RtlUnwind
VirtualFree
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapFree
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
WideCharToMultiByte
GetCommandLineA
GetStartupInfoA
SetEnvironmentVariableA
GetFullPathNameA
FindNextFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetSystemTime
GetTimeZoneInformation
GetCurrentProcess
TerminateProcess
ExitProcess
lstrcpyA
LockResource
FreeResource
GetLogicalDrives
GetLogicalDriveStringsA
SetFileAttributesA
DeleteFileA
GlobalMemoryStatus
CreateFileA
ReadFile
SetFilePointer
OpenFile
WriteFile
CloseHandle
MultiByteToWideChar
GetModuleFileNameA
GlobalAlloc
GlobalFree
GetPrivateProfileStringA
lstrcmpiA
GetLastError
GetWindowsDirectoryA
GetTempPathA
GetModuleHandleA
LoadLibraryExA
GetVersion
GetSystemDefaultLCID
CompareStringW
MulDiv
lstrlenA
HeapReAlloc

advapi32

RegCreateKeyExA
RegEnumKeyExA
RegSetValueExA
GetUserNameA
RegEnumValueA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyA
RegCloseKey

user32

GetWindowLongA
GetWindowTextA
BeginPaint
SetWindowLongA
FillRect
DrawFocusRect
SetRect
GetActiveWindow
EndDialog
RegisterClassA
LoadCursorA
LoadStringA
LoadBitmapA
CharUpperBuffA
SetFocus
GetDlgItemInt
GetSystemMetrics
GetFocus
CallWindowProcA
GetClassLongA
CopyRect
CharLowerA
SetCursor
ShowCursor
InvalidateRect
ScreenToClient
BroadcastSystemMessage
SendNotifyMessageA
GetDlgCtrlID
MessageBeep
InvertRect
CharUpperA
InflateRect
CheckRadioButton
CharNextA
SendDlgItemMessageA
GetSysColor
DestroyWindow
GetParent
MessageBoxA
GetKeyState
EnableWindow
LoadIconA
DrawIcon
EndPaint
DefWindowProcA
ReleaseDC
SetWindowTextA
CharPrevA
GetDlgItemTextA
wsprintfA
GetDialogBaseUnits
GetClientRect
ClientToScreen
ShowWindow
IsWindowEnabled
GetDlgItem
PostMessageA
GetWindow
SendMessageA
GetDC
DrawTextA
GetWindowRect
SetWindowPos
SetDlgItemTextA
GetSystemMenu
RemoveMenu
FindWindowA
SetForegroundWindow

gdi32

SetTextColor
GetObjectA
CreateCompatibleDC
BitBlt
CreateDiscardableBitmap
CreateDIBitmap
GetTextMetricsA
GetStockObject
AddFontResourceA
RemoveFontResourceA
CreateScalableFontResourceA
PatBlt
StretchBlt
CreateSolidBrush
CreatePatternBrush
CreateBitmap
RestoreDC
IntersectClipRect
SaveDC
GetPixel
GetNearestColor
SetBkColor
SelectObject
GetTextExtentPointA
DeleteObject
ExtTextOutA
CreateFontIndirectA
DeleteDC
CreateCompatibleBitmap
GetDeviceCaps

ole32

OleInitialize
OleUninitialize
CoCreateInstance

mpr

WNetAddConnection2A
WNetCancelConnection2A
WNetGetLastErrorA
WNetConnectionDialog
WNetCancelConnectionA
WNetAddConnectionA
WNetGetConnectionA

mssetup

FLongFileNamesSuppressed
CreateIniKeyValue
InitLongFileNames
SetAcmeInst
WriteLogDivider
FWriteToLogFile
SetErrorParamConst
PrependToPath
AddShareToAutoexec
RenameFile
GetEnvVariableValue
StampResource
FReadResource
CompareFileVersions
SetErrorParamInt
EercOpenFile
LfaSeekFile
CbReadFile
FCloseFile
CbStrCopyToBuffer
FLanguageMismatchInf
FChmodFile
AddLineToRestartFile
GetSectionKeyFilename
FGetKeyInfo
GetVersionNthField
TermIME
FRemoveOurDir
HmodUIHookDll
DoesInfSectionKeyExist
EnsurePathExists
SetErrorParamCopy
CreateProgmanItem
ShowProgmanGroup
DeleteProgmanItem
MakeListFromProgmanGroups
IsFileInUseBySystem
ReactivateSetupScript
FSetSymbolValue
HdlgShowHelp
ProcessMessageId
DoesIniKeyExist
UIPop
ForceNewDialog
GetScreenHeight
UIStartExeDlg
GetWindowsMode
SzLastChar
IsCtl3dEnabled
RemoveSymbol
GetListItem
GetListLength
UIStartExeDlgWinHelp
GetSymbolValue
SetPassInfo
HwndFrame
CopyFilesInCopyList
LogMessageId
Validate
GetCopyListCost
ClearCopyList
SetRestartDir
HandleOOM
PbAlloc
DoesFileExist
ReadInfFile
AddListItem
ClearBillboardList
SetCopyGaugePosition
ReplaceListItem
GetFreeSpaceForDrive
DriveNumToRootPath
SetErrorParam
FValidFilePath
IsDriveNetwork
CrcStringCompareI
CbGetListItem
GetNetworkDrivesList
SetSymbolValue
DoesDirExist
GetWindowsSysDir
IsWindowsShared
ShowWaitCursor
RestoreCursor
FRegCloseKey
SetRegKeyValue32Ex
GetRegKeyValue32Ex
FRegCreateKey32
DeleteRegKeyValue32
ForceRestartOn
EnableIME
InitIME
InitSetupToolkit
SetFEFontProc
GetSectionKeyVersion
DoesInfSectionExist
GetRegKeyValue32
GetScreenWidth
DoMsgBox
SuppressLongFileNames
SetAdminMode
SetSilentMode
SetTitle
SetBitmap
SetSizeCheckMode
SetAbout
EndSetupToolkit
FCloseLogFile
FFree
ExitExecRestart
RestartListEmpty
GetDOSMajorVersion
IsDirWritable
GetWindowsDirPath
SetRegKeyValue32
RemoveIniKey
RemoveDir
CrcStringCompare
GetIniKeyString
FOpenLogFile
SzGetLastSetupErrMsg
FindFileInTree
CbGetSymbolValue
IsWindows
OpenIME
RemoveFile
FCloseSrcFile
EercReadSrcFile
EercOpenSrcFileEx
EercWriteSrcFile
EercOpenSrcFile
IsDriveRemovable
EercFindHddiFloppy
SetErrorParamChar
GetVersionOfFile
IsDriveLocalHard
IsFileWritable
AddSectionKeyFileToCopyList
FindTargetOnEnvVar
GetNthFieldFromIniString
FindFileUsingFileOpen
AddToBillboardList
GetSectionKeySize
RemoveSectionKeyFileToCopyList
RemoveSpecialFileToCopyList
AddSpecialFileToCopyList
LogValidate
BindImage
MakeListFromSectionSize
RemoveSectionFilesToCopyList
AddSectionFilesToCopyList
CreateDir

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

shell32

ShellExecuteA

Sections

.text
Size: 207KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 87KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d057661fa0c57da4e10eca58cdf1dc72

Headers

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

ole32

mpr

mssetup

version

shell32

Sections

.text Size: 207KB - Virtual size: 207KB

.bss Size: - Virtual size: 2KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 28KB - Virtual size: 28KB

.idata Size: 10KB - Virtual size: 9KB

.edata Size: 512B - Virtual size: 53B

.rsrc Size: 87KB - Virtual size: 88KB

.reloc Size: 49KB - Virtual size: 49KB

.text
Size: 207KB - Virtual size: 207KB

.bss
Size: - Virtual size: 2KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 28KB - Virtual size: 28KB

.idata
Size: 10KB - Virtual size: 9KB

.edata
Size: 512B - Virtual size: 53B

.rsrc
Size: 87KB - Virtual size: 88KB

.reloc
Size: 49KB - Virtual size: 49KB